Microsoft Preps Fix for Latest IE Vulnerability

Stung by a recent spate of Internet Explorer (IE) vulnerabilities, Microsoft says it is actively investigating a recently discovered IE flaw and will likely issue a patch for that flaw soon. The flaw, which was discovered last week, involves a system file that is found on Windows systems in which certain versions of Visual Studio 2002 or Office XP are installed.

"Microsoft is investigating new public reports of a possible vulnerability in Internet Explorer," a Microsoft statement reads. "We are not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time. Microsoft is aggressively investigating the public reports."

The flaw takes advantage of an IE feature that lets the browser control other Microsoft applications running on a Windows system. Theoretically, a malicious hacker could construct an exploit that takes over users' PC when they browse to their Web sites. The French Security Incident Response Team (FrSIRT), which first discovered the flaw, rates it as critical.

eWeek:
Safari Flaws Fixed in Monster Mac OS X
http://www.eweek.com/article2/0,1759,1848744,00.asp
Wheres the outrage? It's a good thing this trash isn't used as much as Windows, otherwise it would fall apart.

"Because it's not a simple matter of applying a patch and, like the "plug and pray" days of old, hope to God it works without effing up your system.
The fact is, it often does. That's true on any platform, but especially one as complex and full of holes as Windows."
I can't remember the last time a patch blew out my windows, or any windows PC I support - probably a few years ago.

"We already know that if they had taken the proper patch management procedures, those companies would NOT have been affected like they were, but they didn't."
Because it's not a simple matter of applying a patch and, like the "plug and pray" days of old, hope to God it works without effing up your system.
The fact is, it often does. That's true on any platform, but especially one as complex and full of holes as Windows. Imagine you apply the patch to one of those "10,000 computers" and your systems go down because of it? What then? IT managers need time to test before deployment.
Windows IS a security nightmare. But hey...it keeps lots of IT guys employed, right?

"Now imagine you have 10000 ... Apple desktops, and you manager asks, how many machines have the patches, how many havent, what is the installation failure/success rate, etc etc etc. (this applies to you *NixNuts also) How long will it take to get that data?"
Now imagine you have 1000 Windows desktops, and you're CNN. Or UPS. Or ABC News. Or any other number of companies around the globe who had business disrupted by ZoTob. How long do you think you get to keep your job because you bought and support such an insecure operating system?
Yeah. Probably forever. "No one ever got fired for choosing Microsoft".
But they should.

"Microsoft says it is actively investigating a recently discovered IE flaw and will likely issue a patch for that flaw soon. "
I thought "news", by definition, was something new and/or different. Aren't stories like this old hat by now?

Bregolard sauntered out of the bar and begin recalling all of his fears. Suddenly a man in a black cloak ran
up to him from the dark alley way. THe cloaked and mysterious figure disrobed completely and, alas, it was the
wizard Grendalf!!! "Wow, this is a delight" said Bregorlard. Grendalf noticed Bregorlard's state and began to
fondle his pert nipples in excitement. "Over here cutie-bum!" he called as he began to vomit a thick spew of
rancid fluid from between his chapped lips. "Suckle mommies bozoms...". He gently lowered Brogerlard's head to
his quickly growing breasts and attempted to suckle Brogerlard like he was his own child. Borgeerlard quickly
began to spew bile from out of his mouth and blood began to seep out of his ears for some awesome reason!!!
The vomit, blood and warm breast-milk met at the ground and formed a thick paste with the mud. It started to
grow darker. bergorlad began to defecate uncontrollably. "Ooooh!" cried Grendalf and he bent over and began to
scoop the steaming piles of rotten waste into his toothless mouth. It dribbled onto his beard and plopped onto
Bergorlard's face. Grendalf's nipples were beginning to chafe and become tired from the suckling.
as all of this was taking place a dark and mysterious shape crept up behind them. It lept at Grendalf and
began to chew on his left arm above the elbow. Blood and bits of muscle flew everywhere, coating Broogalard's
face with a hot red spray. "Blast this nuiscance!" he screamed and then bit Grendalf's nipple off with force.
The creature took out a knife and sliced both men's arms slowly and with delight....
But then Brugerlard looked up and saw a shiny light above him. Could this be a Silmaril of yore?

Firefox is greater thatn IE in the number of new releases released this past six months to fix its innumerable software.
IE, on the other hand has only required a few patches on the same time period, let alone whole new releases.
The difference? Firefox is new and full of holes, oversights, and vulnerabilities. IE is basically hardened.

"Now imagine you have 10000 ... Apple desktops, and you manager asks, how many machines have the patches, how many havent, what is the installation failure/success rate, etc etc etc. (this applies to you *NixNuts also) How long will it take to get that data?"
"Now imagine you have 1000 Windows desktops, and you're CNN. Or UPS. Or ABC News. Or any other number of companies around the globe who had business disrupted by ZoTob. How long do you think you get to keep your job because you bought and support such an insecure operating system?"
I love how you didn't answer the question, but brought up some news that totally sideskirts what the question was asking. We already know that if they had taken the proper patch management procedures, those companies would NOT have been affected like they were, but they didn't. MS and a ton of other companies offer competent solutions for patch management, which can do it quickly and effectively. The tools are there, they just didn't use them. Do we blame drivers or the car manufacturer when someone doesn't wear a seatbelt and gets injured?
Now, to ask the quesiton again: How would you suppose that you can update X amount of Mac desktops effectively with the new patches that were released? How would you know which patches were applied?
When an exploit for your precious operating system comes, and it will, how effectively will the Mac community be able to respond to it?

"IE is basically hardened"
Let me see you say that with a straight face during next week's Patch Tuesday.
My favorite feature of Windows is "Winrot," which is where the system actually slows down after six months, requiring a complete reinstall to get to normal speed again. No other OS has this innovative feature that Microsoft pioneered. Thank you, Microsoft.

"Apple has shipped a monster security patch for Mac OS X to fix 34 flaws in the operating system and bundled third-party utilities."
Now imagine you have 10000 (bwhaahahaha(probally the French bought em)) Apple desktops, and you manager asks, how many machines have the patches, how many havent, what is the installation failure/success rate, etc etc etc. (this applies to you *NixNuts also) How long will it take to get that data?

AWESOME. PAUL IS THE MOST GENIUS I KNOW. ARE YOU READY FOR TO DISS THE IPOD! I AM! ROCKS ON COMMANDOR IN CHIEFS (KASNSAS CITY)! I DON'T BELIEVE WE HAVE MET BEFORE - IS YOUR NAME FAT PIG? WHAT A GREAT TIME WE ALL ARE BEGINNING TO KNOW! APPLE SUCKS BIG TIME! APPLE IS A SORRY FOR EXCUSE TO COMPUTER! I HATE APPLE _ MICROSOFT IS WHAT IS RULES!